Qmunity: Your Colleagues. Your Connections. Your Content.
Sign in
|
Join
|
Help
|
NetIQ.com
H
OME
B
LOGS
F
ORUMS
N
OTIFICATIONS
G
ROUPS
N
ETIQ
S
UPPORT
Security Web
»
All Tags
»
Data Security
(
RSS
)
Security Web
Home
Contact
Follow Us
Follow us on Twitter
Follow us on Facebook
Syndication
RSS for Posts
Atom
RSS for Comments
Email Notifications
Go
Recent Posts
Sometimes SIEM Needs A Helping Hand
Getting to Lower Risk without Breaking the Bank (or your Back!)
2013: The Year of Continuous, Real-time Threat Monitoring in Business Context
Tech Game Changers: Government, Cloud, Social Identity and Openness
You’re Fired!
Tags
Access Control
BYOD
Cloud
Cloud Computing
cloud security
Compliance
Data Breach
Data Security
David Shephard
Geoff Webb
IAM
Identity and Access Management
IdM
IT process automation
IT Security
JeffCutler
Michael F. Angelo
NetIQ
PCI DSS
Renee Bradshaw
RSA
SaaS
Security
Security Web
SIEM
View more
Archives
May 2013 (5)
April 2013 (5)
March 2013 (3)
December 2012 (3)
November 2012 (8)
October 2012 (6)
September 2012 (6)
August 2012 (16)
July 2012 (5)
May 2012 (2)
March 2012 (8)
February 2012 (2)
January 2012 (2)
December 2011 (2)
November 2011 (2)
October 2011 (3)
July 2011 (7)
June 2011 (7)
May 2011 (7)
April 2011 (13)
March 2011 (6)
February 2011 (6)
December 2010 (2)
November 2010 (3)
October 2010 (1)
September 2010 (1)
August 2010 (4)
July 2010 (2)
June 2010 (7)
May 2010 (3)
April 2010 (3)
March 2010 (9)
February 2010 (4)
January 2010 (1)
December 2009 (1)
November 2009 (1)
October 2009 (1)
September 2009 (2)
August 2009 (3)
July 2009 (3)
June 2009 (3)
May 2009 (5)
April 2009 (7)
March 2009 (6)
February 2009 (8)
January 2009 (10)
Access
Access Manager
Alexis Ohanian
Amazon
Analytics
Android
'Anton Chuvakin'
Audit
Auditors
Availability
Bank of America
Best Practice
Beverley Flynn
Big Data
Breach
Breaches
Bring Your Own Device
BSM
Business Service Management
BYOD
Certification
Change Control
Change Guardian
Change Management
CIO
Cloud
Cloud Computing
Cloud Data
cloud security
Cloud-Based Data
Compliance
Compliance Automation
Continuous Monitoring
Data Breach
Data Breaches
Data Management
Data Protection
Data Protection Act
Database Activity Monitoring
David Shephard
Deloitte
Department of Homeland Security
DevOpsSec
Dipto Chakravarty
Directive 2002/58
Directive 95/46/EC
DPA
DPO
Duane Morris Alert
eBay
Environment
E-Privacy Directive
Eric Knorr
Ernst and Young
EU
European Commission
European Convention of Human Rights
European Union
Facebook
File Integrity Monitoring
FIM
Financial Services Authority
Forrester Research
Francesco Pizzetti
FSA
Garante per la Protezione dei Dati Personali
Gartner
Geoff Webb
George Hulme
Google
Hack
hacker
hacking
hacktivism
Heartland
Heartland Breach
HIPPA: NERC CIP
Huff Post Live
ICO
Information Security
Insider Attack
insider threat
IT Security
IT Audit
IT process automation
IT Security
IT Staffing
JeffCutler
NetIQ
Privacy
Public Cloud
Renee Bradshaw
Risk Management
Security
Security Management
Security Policy
Security Web
SIEM
Verizon Breach Report
Vulnerability
Sometimes SIEM Needs A Helping Hand
According to a recent survey , if you are a security professional counting on a Security Information and Event Management (SIEM) solution to protect your critical assets from nefarious hackers, state-sponsored exploits or the inadvertent missteps of an...
Published
Tue, Apr 04 2013 8:22 AM
by
Renee Bradshaw
Filed under:
Insider Attack
,
Change Control
,
Data Protection
,
malicious insider
,
Data Security
,
File Integrity Monitoring
,
malware
,
hacking
,
insider threat
,
IT Security
,
Vulnerability
,
Security Management
,
Renee Bradshaw
,
SIEM
,
Change Guardian
,
Hack
,
Data Loss
,
Security Information and Event Management
,
IT Security
,
Security Intelligence
,
IT Staffing
,
IT Environment
,
insider threats
,
Security Information
,
Change Management
,
Security Web
,
hacktivism
Getting to Lower Risk without Breaking the Bank (or your Back!)
There’s been a siege mentality in the security community for a while now. Day after day of highly visible and damaging breaches, coupled with a steady diet of security vendor “quick fixes”, have left us battle weary, and oh-so jaded...
Published
Wed, Nov 11 2012 1:57 PM
by
Renee Bradshaw
Filed under:
Cloud Computing
,
Compliance
,
InfoWorld
,
Risk Management
,
Verizon Breach Report
,
Data Security
,
File Integrity Monitoring
,
FIM
,
Password
,
Data Breach Report
,
IT Security
,
Cloud
,
Public Cloud
,
Risk
,
IT Budget
,
Information Security
,
Renee Bradshaw
,
Cloud Data
,
Cloud-Based Data
,
Mobile Devices
,
Data Breaches
,
Mobile Security
,
Passwords
,
Compliance Automation
,
Best Practice
,
Mobile Computing
,
IT Security
,
IT Staffing
,
Breaches
,
Continuous Monitoring
,
Eric Knorr
,
Security Web
2013: The Year of Continuous, Real-time Threat Monitoring in Business Context
2013 Prediction: Threat detection and management will be required to monitor continuously and in business context with regard to level of risk. Given the rapid change, information requirements, environment complexity, growing devices, explosive data growth...
Published
Tue, Nov 11 2012 9:02 AM
by
Michele Hudnall
Filed under:
Heartland Breach
,
Change Control
,
Compliance
,
Heartland
,
Gartner
,
Risk Management
,
Verizon Breach Report
,
Data Security
,
Vulnerability
,
Threat
,
Log Files
,
Certification
,
Breach
,
IT Audit
,
Security Management
,
Security Breach
,
Access
,
SIEM
,
Outage
,
Data Breaches
,
ZDNet
,
Big Data
,
BYOD
,
Threat Detection
,
security incidents
,
Compliance Automation
,
Bring Your Own Device
,
'Anton Chuvakin'
,
IT Security
,
Michele Hudnall
,
Huff Post Live
,
Analytics
,
Breaches
,
BSM
,
Business Service Management
,
Continuous Monitoring
,
DevOpsSec
,
Networkworld
,
DHS
,
Availability
,
Department of Homeland Security
,
Threat Monitoring
,
Security Web
Tech Game Changers: Government, Cloud, Social Identity and Openness
Two weeks ago, I was privileged to once again participate as part of the community on a Huff Post Live segment hosted by Mike Sacks ( @MikeSacksHP ), Tech Game Changers with special guests Vivek Kundra ( @VivekKundra ), First CIO of the US Federal Government...
Published
Fri, Nov 11 2012 11:55 AM
by
Michele Hudnall
Filed under:
Security
,
Cloud Computing
,
Washington D.C.
,
Data Security
,
Amazon
,
Facebook
,
LinkedIn
,
Cloud
,
Twitter
,
CIO
,
Identity
,
Cloud Data
,
Data
,
White House
,
SOPA
,
Huff Post Live
,
Tech President
,
Reddit
,
Southwest Airlines
,
Alexis Ohanian
,
Vivek Kundra
,
BSM
,
SWA
,
eBay
,
Business Service Management
,
Bank of America
,
Social Identity
,
Michele Hudnall: Federal Government
,
Security Web
You’re Fired!
A colleague sent me a reference to a posting recently where after reading the first paragraph, I immediately burst into laughter. Without calling the writer out (which is not the point), I’ll just state that it questioned the purpose and effectiveness...
Published
Wed, Aug 08 2012 5:29 PM
by
Michael Colson
Filed under:
Security
,
Data Breach
,
Compliance
,
Data Security
,
regulation
,
Information Security
,
Audit
,
hacker
,
password policy
,
corporate risk
,
Mandate
,
policy
,
PwC
,
Michael Colson
,
Vulnerabilities
,
Security Awareness Training
,
Procedure
,
Job Security
,
Security Posture
,
Environment
,
PricewaterhouseCoopers
,
Privacy Practices
,
Security Web
Dealing with Data Security and Privacy Laws
The European Union (EU) has always held personal rights and privacy in high regard, and in January it added 119 pages of proposed tough new regulations and penalties for businesses and government agencies that handle personal data. Every member of the...
Published
Fri, Mar 03 2012 10:37 AM
by
David Shephard
Filed under:
Data Breach
,
NetIQ
,
Data Protection
,
Privacy
,
Data Security
,
ICO
,
Social Media
,
HR
,
Sentinel
,
Identity Manager
,
Tuscany
,
Italy
,
Net Studio
,
EU
,
European Convention of Human Rights
,
Directive 95/46/EC
,
European Union
,
DPO
,
Access Manager
,
Garante per la Protezione dei Dati Personali
,
E-Privacy Directive
,
Francesco Pizzetti
,
Human Resources
,
European Commission
,
City of Siena
,
Duane Morris Alert
,
Directive 2002/58
,
Commission nationale de l'informatique et des libertés
,
CNIL
,
United Kingdom
,
UK
,
Information Commissioner Office
,
David Shephard
,
Security Web
Android Wi-Fi Leaks Still a Bother
Google is ubiquitous. They’re the end-all when it comes to analytics, consumer-facing free tools and SEO. If you’re not paying attention to Google, there’s something wrong with your focus. BUT, this increased attention cuts both ways...
Published
Thu, May 05 2011 2:09 PM
by
JeffCutler
Filed under:
Computerworld
,
cloud security
,
Data Security
,
Google
,
Android
,
WiFi
,
JeffCutler
,
Security Web
InfoSecurity Europe: John Doody Interviews Joern Dierks
At last weeks InfoSecurity Europe 2011 , NetIQ's very own Joern Dierks was interviewed by John Doody. This is a transcript of that interview and includes links to useful resources and organizations as well the video recording of the interview : John...
Published
Mon, Apr 04 2011 10:55 AM
by
David Shephard
Filed under:
Security
,
IT process automation
,
Data Breach
,
Insider Attack
,
NetIQ
,
Cloud Computing
,
Change Control
,
Compliance
,
Data Protection
,
Risk Management
,
cloud security
,
Data Security
,
Security Policy
,
insider threat
,
IT Security
,
ISO 27000
,
Cloud
,
Service Level Agreements
,
SLAs
,
Information Security
,
InfoSecurity
,
InfoSec11
,
InfoSecurity Europe
,
IT Audit
,
InfoSec
,
Auditors
,
David Shephard
,
Security Web
Perimeter-Based Data vs Cloud-Based Data and Security
Let’s begin today’s article with the premise that you’re interested in finding solutions to house and access your data. You have some understanding of how cloud computing works and probably have been using some cloud application security...
Published
Thu, Apr 04 2011 3:22 PM
by
JeffCutler
Filed under:
Security
,
Cloud Computing
,
Data Security
,
Public Cloud
,
Private Cloud
,
Dipto Chakravarty
,
Role-Centric
,
Perimeter-Based Data
,
Cloud-Based Data
,
Identity-Centric
,
Data Management
,
Two Factor Authentication
,
JeffCutler
,
Security Web
Database Activity Monitoring: Defender of the Corporate Database
The next time you’re tempted to “borrow” your co-worker’s subscriber log-in information for Hoover’s , consider the plight of Goldman Sachs. In early May, the company was slapped with $3 million lawsuit by Ipreo Holdings...
Published
Tue, May 05 2010 4:33 PM
by
Renee Bradshaw
Filed under:
Data Breach
,
Compliance
,
Data Breach Notification Act
,
CSI
,
Data Protection
,
Verizon Breach Report
,
Data Security
,
Database Activity Monitoring
,
Renee Bradshaw
,
Security Web
It's all about the data. Here's to SB-1186
It doesn't matter what mandate is your current headache-du-jour - PCI , HIPAA (ok, someone must be worried about it), NERC CIP , SOX or some other acronym , the fact is security of critical data should be the overarching theme. It's all about...
Published
Mon, Apr 04 2010 6:25 AM
by
Geoff Webb
Filed under:
Security
,
Data Breach
,
Information Week
,
Geoff Webb
,
Data Protection
,
PCI
,
Data Security
,
George Hulme
,
HIPPA: NERC CIP
,
SOX
,
SB-1186
,
Security Web
Short-term gain, long-term pain, and just a little bit of integrity (for files)
For a long time, security teams have been forced to play catch-up to a bewildering number of threats, and an equally bewildering number of technical responses. I recently wrote an article for InfoSecurity Magazine addressing where I think this has left...
Published
Fri, Apr 04 2010 3:56 PM
by
Geoff Webb
Filed under:
Forrester Research
,
Data Breach
,
PCI DSS
,
Geoff Webb
,
Compliance
,
Data Protection
,
Data Security
,
John Kindervag
,
File Integrity Monitoring
,
FIM
,
Security Web
Cloud security gets even more...well, cloudy?
I promise I'm not on some kind of crusade against the whole idea of cloud computing, but just recently it seems to be coming up a lot . (That's what I get for walking around the RSA Conference trying to count the number of stock, cloud images...
Published
Thu, Apr 04 2010 1:10 PM
by
Geoff Webb
Filed under:
Data Breach
,
Geoff Webb
,
Cloud Computing
,
RSA Conference
,
RSA 2010
,
cloud security
,
Data Security
,
Security Web
Safe and sound?
The risk of financial sanctions and damaged reputations means that data security is rising up the agenda for regulated firms. James Thomas reports: Laptops left on trains, misplaced CDs… a host of high profile information leakages have brought...
Published
Tue, Mar 03 2010 10:34 AM
by
David Shephard
Filed under:
IT process automation
,
Compliance
,
Data Protection
,
Mike Maddison
,
Compliance Monthly
,
Privacy
,
Deloitte
,
Regulations
,
Data Security
,
James Thomas
,
ICO
,
Financial Services Authority
,
Information Commissioner's Office
,
FSA
,
DPA
,
Data Protection Act
,
Ernst and Young
,
Seamus Reilly
,
Security Policy
,
Beverley Flynn
,
David Shephard
,
Security Web
,
Stevens and Bolton
Home
|
Terms of Use
|
Privacy Policy
|
NetIQ.com
|
Attachmate.com
NetIQ, an Attachmate Business